authorRuslan N. Marchenko <me@ruff.mobi>2020-11-25 22:37:48 +0100
committerRuslan N. Marchenko <me@ruff.mobi>2020-11-26 23:05:04 +0100
commitf35be864471bba3e9ba98f82dd6e1805ea902db8 (patch)
treeb18c1cd904a9d3fe589671d1a407463a853d55a1
parentbc786634c6163ad5ad265fbd3045477cbc22141a (diff)
downloadwocky-f35be864471bba3e9ba98f82dd6e1805ea902db8.tar.gz
Make SCRAM tests independent from SASL2 availability and features
-rw-r--r--tests/wocky-connector-test.c28
-rw-r--r--tests/wocky-dummy-xmpp-server.c2
-rw-r--r--tests/wocky-test-connector-server.c7
-rw-r--r--tests/wocky-test-connector-server.h3
-rw-r--r--tests/wocky-test-sasl-auth-server.c63
-rw-r--r--tests/wocky-test-sasl-auth-server.h3
6 files changed, 85 insertions, 21 deletions
diff --git a/tests/wocky-connector-test.c b/tests/wocky-connector-test.c
index ab5e0f6..871997f 100644
--- a/tests/wocky-connector-test.c
+++ b/tests/wocky-connector-test.c
@@ -129,7 +129,8 @@ typedef void (*test_setup) (gpointer);
typedef struct _ServerParameters ServerParameters;
struct _ServerParameters {
- struct { gboolean tls; gchar *auth_mech; gchar *version; } features;
+ struct { gboolean tls; gchar *auth_mech; gchar *version; gchar *need_mech; }
+ features;
struct { ServerProblem sasl; ConnectorProblem conn; } problem;
struct { gchar *user; gchar *pass; } auth;
guint port;
@@ -3359,6 +3360,7 @@ client_connected (GIOChannel *channel,
srv->auth.user,
srv->auth.pass,
srv->features.version,
+ srv->features.need_mech,
cproblem,
srv->problem.sasl,
srv->cert);
@@ -3604,6 +3606,8 @@ run_test (gpointer data)
g_free (path);
/* end of cleanup block */
+ if (test->server_parameters.features.need_mech == NULL)
+ test->server_parameters.features.need_mech = test->result.mech;
start_dummy_xmpp_server (&test->server_parameters);
setup_dummy_dns_entries (test);
@@ -3827,22 +3831,18 @@ main (int argc,
mainloop = g_main_loop_new (NULL, FALSE);
-#ifdef HAVE_LIBSASL2
-
for (i = 0; tests[i].desc != NULL; i++)
g_test_add_data_func (tests[i].desc, &tests[i], (test_func)run_test);
-#else
-
- g_message ("libsasl2 not found: skipping SCRAM SASL tests");
- for (i = 0; tests[i].desc != NULL; i++)
- {
- if (!wocky_strdiff (tests[i].result.mech, DEFAULT_SASL_MECH))
- continue;
- g_test_add_data_func (tests[i].desc, &tests[i], (test_func)run_test);
- }
-
-#endif
+ /*
+ * SASL2 support is ridiculous, you can find all possible combinations
+ * where some support SCRAM SHA1 only, other SCRAM SHA256, some even
+ * SCRAM SHA512. But it absolutely does not depend on the version, only
+ * on the build flags. The verdict - if SASL server doesn't return back
+ * DEFAULT_SASL_MECH - we just use in-house implementation. SASL2 becomes
+ * complimentary sanity cross-check feature.
+ * We'll do additional verification in the server initialisation code.
+ */
result = g_test_run ();
test_deinit ();
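Review bot: The new comment block in main() promises more than the code in this commit delivers, and it has a typo: "complimentary" should be "complementary". It says the in-house implementation is used whenever the SASL server does not return DEFAULT_SASL_MECH, but the fallback visible in test_sasl_auth_server_set_mechs() is keyed on the per-test `need_mech` and only instantiates a SHA-256 object. I would reword it along the lines of `if libsasl2 does not offer the mechanism a test needs, the test server falls back to the in-house SCRAM-SHA-256 implementation; other SCRAM variants still depend on the libsasl2 build`. With the `#ifdef HAVE_LIBSASL2` filter gone every test is registered unconditionally, so that limit is worth stating where the filter used to be.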
diff --git a/tests/wocky-dummy-xmpp-server.c b/tests/wocky-dummy-xmpp-server.c
index 4bbc24a..f66d113 100644
--- a/tests/wocky-dummy-xmpp-server.c
+++ b/tests/wocky-dummy-xmpp-server.c
@@ -59,7 +59,7 @@ client_connected (GIOChannel *channel,
g_io_channel_shutdown (channel, TRUE, NULL);
gconn = g_object_new (G_TYPE_SOCKET_CONNECTION, "socket", gsock, NULL);
server = test_connector_server_new (G_IO_STREAM (gconn),
- NULL, "foo", "bar", "1.0",
+ NULL, "foo", "bar", "1.0", NULL,
&cproblem,
SERVER_PROBLEM_NO_PROBLEM,
CERT_STANDARD);
diff --git a/tests/wocky-test-connector-server.c b/tests/wocky-test-connector-server.c
index 1796ed5..9d46810 100644
--- a/tests/wocky-test-connector-server.c
+++ b/tests/wocky-test-connector-server.c
@@ -95,6 +95,7 @@ struct _TestConnectorServerPrivate
gboolean authed;
TestSaslAuthServer *sasl;
+ gchar *must;
gchar *mech;
gchar *user;
gchar *pass;
@@ -1301,7 +1302,7 @@ feature_stanza (TestConnectorServer *self)
if (priv->sasl == NULL)
priv->sasl = test_sasl_auth_server_new (NULL, priv->mech,
priv->user, priv->pass, NULL, priv->problem.sasl, FALSE);
- test_sasl_auth_server_set_mechs (G_OBJECT (priv->sasl), feat);
+ test_sasl_auth_server_set_mechs (G_OBJECT (priv->sasl), feat, priv->must);
}
if (problem & XMPP_PROBLEM_OLD_AUTH_FEATURE)
@@ -1573,10 +1574,11 @@ xmpp_init (GObject *source,
TestConnectorServer *
test_connector_server_new (GIOStream *stream,
- gchar *mech,
+ const gchar *mech,
const gchar *user,
const gchar *pass,
const gchar *version,
+ const gchar *need_mech,
ConnectorProblem *problem,
ServerProblem sasl_problem,
CertSet cert)
@@ -1593,6 +1595,7 @@ test_connector_server_new (GIOStream *stream,
priv->mech = g_strdup (mech);
priv->user = g_strdup (user);
priv->pass = g_strdup (pass);
+ priv->must = g_strdup (need_mech);
priv->problem.sasl = sasl_problem;
priv->problem.connector = problem;
priv->conn = wocky_xmpp_connection_new (stream);
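Review bot: `priv->must = g_strdup (need_mech);` allocates a copy that nothing in this commit appears to release. The diffstat lists 7 changed lines for this file and the visible hunks account for all of them, so no matching `g_free (priv->must);` is added to the object's finalize/dispose path. If the neighbouring `priv->mech`, `priv->user` and `priv->pass` are freed there, `must` should be freed alongside them; that code is outside the hunk, so this needs confirming against the full file. It is only a test-harness leak, but it will show up as noise under valgrind or ASan runs of the test suite.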
diff --git a/tests/wocky-test-connector-server.h b/tests/wocky-test-connector-server.h
index 4e781a3..31787aa 100644
--- a/tests/wocky-test-connector-server.h
+++ b/tests/wocky-test-connector-server.h
@@ -170,10 +170,11 @@ GType test_connector_server_get_type (void);
TestConnectorServerClass))
TestConnectorServer * test_connector_server_new (GIOStream *stream,
- gchar *mech,
+ const gchar *mech,
const gchar *user,
const gchar *pass,
const gchar *version,
+ const gchar *need_mech,
ConnectorProblem *problem,
ServerProblem sasl_problem,
CertSet cert);
diff --git a/tests/wocky-test-sasl-auth-server.c b/tests/wocky-test-sasl-auth-server.c
index f66736a..b1a0fd8 100644
--- a/tests/wocky-test-sasl-auth-server.c
+++ b/tests/wocky-test-sasl-auth-server.c
@@ -225,7 +225,7 @@ stream_open_sent (GObject *source,
/* Send stream features */
stanza = wocky_stanza_new ("features", WOCKY_XMPP_NS_STREAM);
- test_sasl_auth_server_set_mechs (G_OBJECT (self), stanza);
+ test_sasl_auth_server_set_mechs (G_OBJECT (self), stanza, NULL);
wocky_xmpp_connection_send_stanza_async (priv->conn, stanza,
priv->cancellable, features_sent, user_data);
@@ -833,6 +833,25 @@ handle_auth (TestSaslAuthServer *self, WockyStanza *stanza)
else
ret = SASL_NOUSER;
}
+ else if (priv->scram && g_str_has_prefix (priv->selected_mech, "SCRAM-SHA-"))
+ {
+ ScramRes res = { self, NULL, FALSE };
+
+ wocky_sasl_scram_server_start_async (priv->scram, (gchar *) response,
+ handle_auth_cb, priv->cancellable, &res);
+
+ while (!res.complete)
+ g_main_context_iteration (NULL, FALSE);
+
+ if (res.challenge)
+ {
+ ret = 1; /* SASL_CONTINUE */
+ challenge = res.challenge;
+ challenge_len = strlen (challenge);
+ }
+ else
+ ret = SASL_NOUSER;
+ }
else
{
#if HAVE_LIBSASL2
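Review bot: The wait loop `while (!res.complete) g_main_context_iteration (NULL, FALSE);` polls without blocking, so it spins a CPU core until the callback fires and hangs the test run forever if `handle_auth_cb` is never invoked; `g_main_context_iteration (NULL, TRUE);` would at least sleep between events, and the same loop is repeated in the handle_response() hunk. Separately, the branch condition accepts any `selected_mech` starting with "SCRAM-SHA-", while the only in-house object created in this commit uses `G_CHECKSUM_SHA256`. Once `priv->scram` exists, a client that picks a different SCRAM variant offered by libsasl2 would be routed to the SHA-256 handler instead of libsasl2, so comparing `selected_mech` against the mechanism the object was created for would be tighter. The bare `ret = 1; /* SASL_CONTINUE */` would also read better as a named constant next to wherever `SASL_NOUSER` is defined for non-libsasl2 builds. handle_auth() begins and ends outside this hunk.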
@@ -1015,6 +1034,25 @@ handle_response (TestSaslAuthServer *self, WockyStanza *stanza)
else
ret = SASL_BADAUTH;
}
+ else if (priv->scram && g_str_has_prefix (priv->selected_mech, "SCRAM-SHA-"))
+ {
+ ScramRes res = { self, NULL, FALSE };
+
+ wocky_sasl_scram_server_step_async (priv->scram, (gchar *) response,
+ handle_response_cb, priv->cancellable, &res);
+
+ while (!res.complete)
+ g_main_context_iteration (NULL, FALSE);
+
+ if (res.challenge)
+ {
+ ret = SASL_OK;
+ challenge = res.challenge;
+ challenge_len = strlen (challenge);
+ }
+ else
+ ret = SASL_BADAUTH;
+ }
else
{
#ifdef HAVE_LIBSASL2
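Review bot: Authentication success is inferred here purely from `res.challenge` being non-NULL (`ret = SASL_OK`). If `wocky_sasl_scram_server_step_async` can ever hand back a server-final message that reports an error rather than a verifier (its contract is not visible on this page), this test server would report success for a failed exchange. Carrying an explicit success flag or a `GError *` in `ScramRes` and setting `ret` from that would make the decision unambiguous. Ownership of `res.challenge` is also not visible in the hunk; a short comment saying who frees it, e.g. `/* challenge is owned by ...; freed after the stanza is sent */`, would help the next reader. handle_response() begins and ends outside this hunk.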
@@ -1315,12 +1353,15 @@ test_sasl_auth_server_auth_async (GObject *obj,
}
gint
-test_sasl_auth_server_set_mechs (GObject *obj, WockyStanza *feat)
+test_sasl_auth_server_set_mechs (GObject *obj,
+ WockyStanza *feat,
+ const gchar *must)
{
int ret = 0;
TestSaslAuthServer *self = TEST_SASL_AUTH_SERVER (obj);
TestSaslAuthServerPrivate *priv = self->priv;
WockyNode *mechnode = NULL;
+ gboolean hazmech = FALSE;
if (priv->problem != SERVER_PROBLEM_NO_SASL)
{
@@ -1355,8 +1396,26 @@ test_sasl_auth_server_set_mechs (GObject *obj, WockyStanza *feat)
{
wocky_node_add_child_with_content (mechnode,
"mechanism", *tmp);
+ if (!hazmech && !wocky_strdiff (*tmp, must))
+ hazmech = TRUE;
}
g_strfreev (mechlist);
+
+ if (!hazmech && must != NULL
+ && g_str_has_prefix (must, "SCRAM-SHA-"))
+ {
+ /* as said before, this is ridiculous so let's fix that */
+ if (g_str_has_prefix (must, "SCRAM-SHA-256"))
+ {
+ if (priv->scram == NULL)
+ priv->scram = g_object_new (WOCKY_TYPE_SASL_SCRAM,
+ "server", "whatever",
+ "hash-algo", G_CHECKSUM_SHA256,
+ NULL);
+ wocky_node_add_child_with_content (mechnode,
+ "mechanism", must);
+ }
+ }
}
}
return ret;
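Review bot: The inner check `g_str_has_prefix (must, "SCRAM-SHA-256")` also matches "SCRAM-SHA-256-PLUS", so the channel-binding variant would be advertised by an object created with only `"server"` and `"hash-algo"` set. If no channel binding is configured elsewhere, use an exact comparison such as `!wocky_strdiff (must, "SCRAM-SHA-256")`, or document that -PLUS is intentionally covered. Any other required SCRAM variant (for example SHA-1 or SHA-512) passes the outer prefix test and then falls through silently, so on a libsasl2 build without that mechanism the test fails later with no hint why. An `else g_message ("no in-house fallback for %s", must);` would make this diagnosable. The new parameter and local would also read better with descriptive names and a one-line comment on what `must` means (the mechanism the current test requires the server to advertise). The function starts outside this hunk.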
diff --git a/tests/wocky-test-sasl-auth-server.h b/tests/wocky-test-sasl-auth-server.h
index 0c89c6f..2fe8007 100644
--- a/tests/wocky-test-sasl-auth-server.h
+++ b/tests/wocky-test-sasl-auth-server.h
@@ -101,7 +101,8 @@ TestSaslAuthServer * test_sasl_auth_server_new (GIOStream *stream,
void test_sasl_auth_server_stop (TestSaslAuthServer *self);
-gint test_sasl_auth_server_set_mechs (GObject *obj, WockyStanza *feat);
+gint test_sasl_auth_server_set_mechs (GObject *obj, WockyStanza *feat,
+ const gchar *must);
G_END_DECLS